Internet Voting Is Years Away, And Maybe Always Will Be

by Steve Wildstrom   |   April 8th, 2012

In today’s New York Times Magazine, political writer Matt Bai grumbles in a short piece about his inability to vote online in an era where nearly everything else can be done over the Internet. “The best argument against Internet voting,” he writes, “is that it stacks the system against old and poor people who can’t afford or use computers, but the same could be said about cars.” That, he argues, is a problem that could easily be solved by the electronic equivalent of giving people rides to a polling place. If only it were so simple.

Voting, alas, has unique characteristics that make internet implementations all but impossible given current technology. The big problem is that we make two demands of it that cannot be met simultaneously. We want voting to be very, very secure. And we want it to be very, very anonymous.

Internet security is difficult under the best of conditions. But voting has the additional complication that it is very difficult, if not impossible, to remedy a breach. Most of the time, all that is at stake is money, and we know how to fix that. Identity theft is more complex but still there are remedies. A stolen vote is gone forever.

Anonymity complicated the problem immensely. The usual way to secure an internet transaction to to make certain that both the server and the person at the other end and who or what they claim to be. To cast a ballot at a poling place or vote an absentee ballot, you have to produce identification or, at a minimum, a signature that matches one on file. It’s not perfect. but it’s generally better than we can do on the internet. Then you are given a ballot or a card that activates an electronic voting machine, but there is no link between the ballot and  your identity, guaranteeing anonymity. This is really, really hard to simulate online. The more that is done to assure your identity, the harder it is to separate that identity from the vote that is cast.

Furthermore, trust is central to elections and people, rightly, have their doubts about trusting online voting. In 2010, the District of Columbia set up a web-based voting system for residents living abroad. A team from the University of Michigan was able to compromise the system in minutes. The test was quickly aborted.

We will see more trials in this year’s voting. But widespread internet voting is still waiting for a day that may never come.

 

 

 

Steve Wildstrom

Steve Wildstrom is veteran technology reporter, writer, and analyst based in the Washington, D.C. area. He created and wrote BusinessWeek’s Technology & You column for 15 years. Since leaving BusinessWeek in the fall of 2009, he has written his own blog, Wildstrom on Tech and has contributed to corporate blogs, including those of Cisco and AMD and also consults for major technology companies.
  • Jonathan Wildstrom

    When I read the piece, I was more concerned by the security aspect. As soon as I saw his comment about “the best argument,” I largely wrote him off. In my mind, the best argument is that the security is incredibly difficult. Good security isn’t hard, but great security (not to mention unbreakable security) is much harder. Considering we have groups of hackers who can get into sites that purport to be secure, I’m not sure who I trust to secure an internet voting system in such a way that we don’t discover the next day that Mickey Mouse (or, more likely, “V”) won the election.

    Which is not to say that I particularly trust the people who make the physical eVoting machines either, but at least there you need physical access to tamper, and someone can be watching.

  • http://www.theofrancis.com/ Theo

    Not all voting systems in the U.S. are truly anonymous, incidentally. Arkansas, I’m pretty sure, can match up ballots to voters after the fact, if necessary. (I believe there are legal safeguards that prevent this from being done for anything but good reasons.) There may be others.

    • steve_wildstrom

      I don’t know about Arkansas, but states generally put a high value on anonymity, usually by stripping identifiable material off the ballot, thereby retaining a record of who voted but not how they voted. What’s not widely known is that the secret (or “Australian”) ballot did not come into widespread use in the U.S. until the late 19th century.

  • benbajarin

    I am not entirely sure what the idea voting situation would be. I think a huge first step would be a better voting system at the podium. Meaning using something like an NFC voting ID and a better computerized system at the balloting locations. I don’t mind going out to vote, I like the social aspect of it but I don’t like the paper process. The trick is to have a system that includes security but also eliminates as much chance of human error as possible.

    What I think would be very helpful and informative was perhaps a more formal yet informal polling option that can measure the pulse of a community on certain topics. This would help for more accurate emphasis on key issues or other parts of Government. Kind of like an informal quick polling system that would hopefully yield more effective ways for government to make decisions.

    I know much of that is a pipe dream but one can hope.

    • steve_wildstrom

      Informal polling should be pretty simple. As long as it’s not binding, it shouldn’t be covered by the complex law that governs actual election. The big problem is preventing either interest groups or pranksters from gaming or compromising the system (see Anonymous winning the Time 100 poll).

  • http://twitter.com/RstartDemocracy Restart Democracy

    Matt Bai, like many commentators, is simply under-informed about the difficulty of internet voting. Like you say, it’s really, really hard and most experts agree that the technology to pull it off doesn’t exist yet.

    That’s an informed and reasonable starting point – it’s really hard and we need major technical breakthroughs to make secure internet voting a reality. But once we’ve established this as the starting point, where do we go next? There are at least two options, (1) secure internet voting is so hard that it’s not worth doing and (2) secure internet voting is so important to democracy that, even though it’ll cost a ton, it’s still worth doing.

    Many, many people argue in favor of the #1. Very, very few people give any time to #2.

    Given the state of our democracy (poor), the potential for secure internet voting to improve it (positive), and our strong historical interest in driving technical innovation, I’m not sure why so many intelligent people are defaulting to #1. In addition to direct democratic impacts, development of technology that makes secure internet voting possible is likely to create numerous positive externalities (see more here – restartdemocracy.org/2011/12/06/coases-ballot/)

    Always is a long time, if apocalypse is avoided, the vote will eventually migrate to the net. I have a hard time believing that Captain Kirk voted by mail…

    Thanks for the post.

    Best,
    Chris

    • http://www.facebook.com/people/William-Kelleher/100000158583767 William Kelleher

      Congrats for recognizing the potential for democratic reform that Internet voting has. Here’s just a couple of friendly suggestions. Re-think the empirical basis of your use of the word “most,” in your first paragraph. It just doesn’t fit the facts. In chapters 1 and 5 of Internet Voting Now, I review the history of both Internet voting and the controversy over it in the US. The majority is more favorable and positive than you portray them. Secondly, re-think the words “cost a ton.” Getting back to the facts, the per vote cost of competently constructed Internet voting systems is way below the cost of polling place voting w/ paper security blankets. The US has over 3000 voting jurisdictions, which could each purchase its own Internet voting system, and start saving taxpayer money on elections. What’s stopping them? Anti-Internet voting special interests spread scary stories about teenage hackers in Iran controlling US elections, and folks are afraid. But, as the history of science shows, knowledge replaces fear. So, lets be informed and spread the true word about Internet voting! (Like we’re doing on this great blog!)

  • http://www.facebook.com/people/William-Kelleher/100000158583767 William Kelleher

    Lack of Knowledge Plagues Internet Voting in the US

    Misinformation abounds in the Internet voting discussion. Bai has his head in the 1990s, when folks were still worried over the “digital divide.” Now we have already achieved secure Internet voting on cell phones, iPads, and PCs. Security has proven to be manageable. Internet voting has been done all over the world, w/o security or technological problems that put the results in question. This includes Estonia, Norway, Switzerland, India, many cities in Canada, West Virginia, and more. Soon there will be France, Mexico City, and the Oscars!

    There is a comment here that “most experts agree that the technology to pull it off doesn’t exist yet.” But this another example of the misinformation being used to fog up the public’s understanding – “most”? In every Internet voting case there are teams of experts who know how to make it happen, and do make it happen. There are dozens of US corporations making regular use of Internet voting for stockholders to vote.

    Another example of uninformed information is that privacy has to be sacrificed for security. When a voter logs on to an Internet voting website, his/her voting registration is checked by one module. If its OK, the ballot is presented by a separate module. The information is never combined. Proven security strategies are used to protect both modules. What America needs is a better informed discussion.

    William J. Kelleher, Ph.D.
    Email: Internetvoting@gmail.com
    Blog: http://tinyurl.com/IV4All
    Twitter: wjkno1

    Author of Internet Voting Now!

  • steve_wildstrom

    Following posted on behalf of William J. Kelleher, author of Internet voting Now!

    Lack of Knowledge Plagues Internet Voting in the US

    Misinformation abounds in the Internet voting discussion. Bai has his head in the 1990s, when folks were still worried over the “digital divide.” Now we have already achieved secure Internet voting on cell phones, iPads, and PCs. Security has proven to be manageable. Internet voting has been done all over the world, w/o security or technological problems that put the results in question. This includes Estonia, Norway, Switzerland, India, many cities in Canada, West Virginia, and more. Soon there will be France, Mexico City, and the Oscars!

    There is a comment here that “most experts agree that the technology to pull it off doesn’t exist yet.” But this another example of the misinformation being used to fog up the public’s understanding – “most”? In every Internet voting case there are teams of experts who know how to make it happen, and do make it happen. There are dozens of US corporations making regular use of Internet voting for stockholders to vote.

    Another example of uninformed information is that privacy has to be sacrificed for security. When a voter logs on to an Internet voting website, his/her voting registration is checked by one module. If its OK, the ballot is presented by a separate module. The information is never combined. Proven security strategies are used to protect both modules. What America needs is a better informed discussion.

    • http://www.facebook.com/people/William-Kelleher/100000158583767 William Kelleher

      Appreciate your integrity, Steve!

      William J. Kelleher, Ph.D.
      Twitter: wjkno1

    • Rich

      As another poster said, considering we have groups of hackers who can get into sites that purport to be secure, I’m not sure who I trust to secure an internet voting system in such a way that we don’t discover the next day that Mickey Mouse won the election.

  • Pingback: The Voting News Weekly April 9-15 2012 - The Voting News » The Voting News